In this project, we’ll build and launch AWS infrastructure using CloudFormation. Instead of manually clicking through the AWS Management Console, you’ll write an elegant YAML template to create resources like an EC2 instance and a VPC.
Let’s walk through it step-by-step!
🚀 Project Overview
You’ll create an AWS CloudFormation stack to deploy:
- A Virtual Private Cloud (VPC) with public and private subnets.
- An EC2 instance within the public subnet.
- Security Groups to control access to the instance.
🛠️ Technologies Used
- AWS CloudFormation: For defining and provisioning infrastructure as code.
- AWS EC2: To launch a virtual server.
- VPC: To provide a secure network for your resources.
- YAML: For writing the CloudFormation template.
📋 Prerequisites
Before you begin, make sure you have:
- AWS Account: Sign up at AWS if you don’t have one.
- IAM User: Ensure your IAM user has permissions for EC2 and CloudFormation.
- AWS CLI: Installed and configured on your machine.

```bash
aws configure
```

- Text Editor: Like Visual Studio Code or any editor of your choice.
📝 Step-by-Step Instructions
1️⃣ Write the CloudFormation Template
Create a file named ec2_vpc.yaml and add the following YAML code:
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: >
  CloudFormation template to create a VPC, a public subnet, a security group,
  and an EC2 instance with dynamic AMI selection and improved best practices.

Parameters:
  InstanceType:
    Description: EC2 instance type
    Type: String
    Default: t2.micro
    AllowedValues:
      - t2.micro
      - t2.small
      - t2.medium
  LatestAmiId:
    Description: The latest Amazon Linux 2 AMI ID
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-hvm-x86_64-gp2

Resources:
  # Create a VPC
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: MyVPC

  # Create an Internet Gateway
  MyInternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: MyInternetGateway

  # Attach the Internet Gateway to the VPC
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref MyInternetGateway

  # Create a Public Subnet
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [0, !GetAZs '']
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet

  # Create a Route Table for Public Subnet
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: PublicRouteTable

  # Create a Route to the Internet Gateway
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref MyInternetGateway

  # Associate Route Table with Public Subnet
  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable

  # Create a Security Group for EC2 Instance
  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and HTTP access
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: MySecurityGroup

  # Create an EC2 Instance
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmiId
      InstanceType: !Ref InstanceType
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref MySecurityGroup
      Tags:
        - Key: Name
          Value: MyEC2Instance
      UserData:
        Fn::Base64: |
          #!/bin/bash
          yum update -y
          yum install -y httpd
          systemctl start httpd
          systemctl enable httpd
          echo "<h1>Welcome to My EC2 Instance - Deployed with CloudFormation</h1>" > /var/www/html/index.html

Outputs:
  InstancePublicIP:
    Description: Public IP address of the EC2 instance
    Value: !GetAtt MyEC2Instance.PublicIp
```
📝 Template Breakdown
- Parameters:
  - InstanceType: Allows you to select the EC2 instance type (default is t2.micro).
  - LatestAmiId: Uses an SSM parameter to dynamically fetch the latest Amazon Linux 2 AMI.
- Resources:
  - VPC: Creates a VPC with DNS support and hostnames enabled.
  - Internet Gateway: Enables internet access for the VPC.
  - Public Subnet: Creates a public subnet and maps public IP addresses automatically.
  - Route Table: Connects the public subnet to the internet gateway.
  - Security Group: Allows inbound SSH (port 22) and HTTP (port 80) access.
  - EC2 Instance: Launches an EC2 instance with user data to install and start an Apache web server.
- User Data:
  - Installs Apache on the EC2 instance and sets up a basic HTML welcome page.
- Outputs:
  - Provides the public IP address of the EC2 instance after deployment.
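The template's MySecurityGroup accepts SSH (port 22) from 0.0.0.0/0, so the login port is reachable from any address on the internet. A tighter variant of that resource, as an added example that is not part of the original template: the `SshSourceCidr` parameter is an assumption introduced here, and the fragment is meant to be merged into the template's existing Parameters and Resources sections.

```yaml
Parameters:
  # Assumed parameter, not in the original template. No Default on purpose:
  # the deployer has to state which network may reach SSH.
  SshSourceCidr:
    Description: IPv4 CIDR allowed to reach port 22 (for one host, use a /32)
    Type: String
    # Prefix length must be /16 to /32, so 0.0.0.0/0 and other very wide
    # ranges are rejected when the stack is created or updated.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(1[6-9]|2\d|3[0-2])$'
    ConstraintDescription: Must be an IPv4 CIDR with a prefix length between /16 and /32

Resources:
  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH from one network and HTTP from anywhere
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        # Original rule: CidrIp: 0.0.0.0/0 (SSH reachable from any address)
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshSourceCidr
          Description: SSH from the administrator network only
        # HTTP stays public so the welcome page is reachable
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
          Description: Public HTTP for the welcome page
      Tags:
        - Key: Name
          Value: MySecurityGroup
```

Supply the value at deploy time by adding `--parameters ParameterKey=SshSourceCidr,ParameterValue=203.0.113.10/32` to the create-stack command; 203.0.113.10 is a constructed documentation address, so substitute your own public IP.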
🚀 Deployment Instructions
1. Save the YAML file as ec2_vpc.yaml.
2. Deploy the CloudFormation stack using the AWS CLI:

```bash
aws cloudformation create-stack --stack-name MyEC2VPCStack --template-body file://ec2_vpc.yaml --capabilities CAPABILITY_NAMED_IAM --region us-east-1
```

This template defines no IAM resources, so the `--capabilities CAPABILITY_NAMED_IAM` acknowledgement is not required for this stack and can be omitted.

3. Check the stack status:

```bash
aws cloudformation describe-stacks --stack-name MyEC2VPCStack --region us-east-1
```

4. Access the EC2 Instance:
Once the stack is complete, grab the public IP from the outputs and visit it in your browser to see the welcome message:

```
http://<instance-public-ip>
```

5. Clean Up Resources:
To avoid charges, delete the stack when you’re done:

```bash
aws cloudformation delete-stack --stack-name MyEC2VPCStack --region us-east-1
```
✨ What You Achieved
- Created Infrastructure as Code (IaC) using CloudFormation.
- Automated EC2 Deployment with Apache installed and running.
- Defined Networking with a VPC, public subnet, and security group.
- Dynamic AMI Selection for up-to-date deployments.
This project showcases how CloudFormation can simplify and automate your AWS infrastructure management.
Happy coding! 🐳🚀
